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Preface 



On behalf of the Organizing and Program Committees of the 3rd European 
Conference on Universal Multiservice Networks (ECUMN 2004), it is our great 
pleasure to introduce the proceedings of ECUMN 2004, which was held during 
October 25-27, 2004, in Porto, Portugal. 

In response to the Call for Papers, a total of 131 papers were submitted from 
29 countries. Each paper was reviewed by several members of the Technical 
Program Committee or by external peer reviewers. After careful assessment of 
the reviews, 53 papers were accepted for presentation in 13 technical sessions; half 
of them originated from countries outside Europe (mainly Asia). This illustrates 
the strong interest of this conference beyond its original geographical area. 

The conference program covered a variety of leading-edge research topics 
which are of current interest, such as wireless networks, mobile ad hoc networks, 
sensor networks, mobility management, optical networks, quality of service and 
traffic, transport protocols, real-time and multimedia, Internet technologies and 
applications, overlay and virtual private networks, security and privacy, and 
network operations and management. Together with three plenary sessions from 
France Telecom, Siemens, and Cisco Systems, these technical presentations ad- 
dressed the latest research results from the international industry and academia 
and reported on findings on present and future multiservice networks. 

We thank all the authors who submitted valuable papers to the confer- 
ence. We are grateful to the members of the Technical Program Committee 
and to the numerous reviewers. Without their support, the organization of such 
a high-quality conference program would not have been possible. We are also 
indebted to many individuals and organizations that made this event happen, 
namely IEEE, EUREL, SEE, Order of Engineers, Institute of Telecommunica- 
tions, France Telecom and Springer. Last but not least, we are grateful to the 
Organizing Committee for its help in all aspects of the organization of this con- 
ference. 

We hope that you will find the proceedings of the 3rd European Conference on 
Universal Multiservice Networks in Porto, Portugal a useful and timely document 
that presents new ideas, results and recent findings. 
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Abstract. A 4G-environment is based on the integration of 3G mobile and 
other wired and wireless technologies into an all-IP network environment. Cen- 
tral to such an environment is a 4G-service platform, which offers services such 
as AAA, mobility management and session control, and also mediates between 
the users and providers of these services. Each service platform and its associ- 
ated users, service providers and access networks constitute a service platform 
domain. Extension of offered functionality and expansion of coverage is ob- 
tained by federation between multiple service platform domains. In the 
4GPLUS project a conceptual framework is developed for 4G-environments, 
which specifies the functionality and structure of the 4G-service platform and 
the concept of federation. Several key aspects of this framework have been re- 
fined, implemented and prototyped within this project. This paper provides an 
overview of the 4G-concepts developed within the project and the main results 
achieved. 



1 Introduction 

Current communication infrastructures comprise fixed networks (e.g. Ethernet and 
ADSL), mobile Wide Area Networks (e.g. GPRS and UMTS), Wireless Local Area 
Networks (WLAN) and their associated terminals. Services supporting all kinds of 
media, such as voice, video and data, are offered over these infrastructures by an in- 
creasing number of providers. Examples are voice over IP provided by telephony pro- 
viders, conferencing services and multimedia streaming. Though these communica- 
tion infrastructures have capable functionality, they fail to meet obvious upcoming 
user requirements: users are technology agnostic , they want to have universal access 
to their services, and their services should be adapted according to the context and/or 
their personal preferences [16]. In order to meet these user requirements, the follow- 
ing system requirements must at least be imposed on a supporting infrastructure. The 
first is seamless mobility, which includes hand-overs to other terminals, to other ac- 
cess networks as well as to other administrative domains. The second is generic ac- 
cess including authentication and authorization for both network access and service 
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access. The third is session control including session negotiation as well as session 
adaptation. 

The design of a supporting infrastructure meeting these requirements is the topic of 
the 4GPLUS project [1,4]. Such an infrastructure is generally denoted a 4G- 
environment. The design includes a framework that integrates network and service ar- 
chitecture. Central to the service architecture in 4GPLUS is the service platform, 
whose (distributed) generic software components provide feasible technological solu- 
tions for meeting the user requirements mentioned above. To implement our architec- 
tural framework, we combine and extend existing technologies. Also, we introduce 
new business opportunities without taking away assets from current operators and a 
new enterprise model that supports our solution. 

In this paper we will explain our vision and solutions on facilitating software infra- 
structures for the 4G-environment and highlight results that we achieved within the 
4GPLUS project. The remainder of this paper is structured as follows. A concise 
overview is given of the 4G-environment and the impact that the introduction of this 
4G environment has on the current enterprise model. An end-user scenario illustrates 
the issues that have been addressed by the 4GPLUS project. These issues, i.e. mobil- 
ity management, session control, federation and service provisioning, are described 
with references to papers, presentations and reports [20-25] published earlier. Our 
conclusions are given in the final section. 



2 4G-Environment 

A 4G-environment in the context of the 4GPLUS project consists of: (a) access net- 
works of different technology types including wired (e.g. xDSL) and wireless net- 
works (e.g. UMTS and Wi-Fi™); (b) next generation mobile terminals with a wide 
range of communication, computing and storage capabilities; (c) a rich set of (3 rd 
party) services that offer value added services to mobile end users across these het- 
erogeneous networks and terminals, and; (d) service platforms for development and 
provisioning of services. 

Functionally, the 4G-environment adheres to a 3-layered model consisting of an 
application layer, a service control layer and a transport layer [24]. The transport layer 
consists of heterogeneous access networks and core networks. The application layer 
contains all application logic needed to provide services from 3 rd Party Service Pro- 
viders (3PSPs) to end-users. The service control layer is logically located between the 
application and transport layers and shields the network heterogeneity for the different 
parties. The service control layer is made up of service platforms interoperating 
through federation [2,5,9,24], 

Fig. 1 shows a schematic structure of the 4G-environment, including the three lay- 
ers mentioned above. There is global IP-connectivity between all networks and all 
end-to-end communication is IP-based. The IP packets exchanged between access 
networks and the core network are assumed to have globally routable IP addresses. 
End users, 3PSPs and service platform operators are the end points connected to these 
access networks. The services provided in the application layer range from user-to- 
user services, such as telephony, to user-provider services, such as content retrieval 
services. 
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Fig. 1 . The physical structure of a 4G-environment 

The service platform(s) in the control layer offer(s) service control functions that 
enable end users to easily gain and maintain access to (new) services, while roaming 
between different access networks and terminals. For 3PSPs, a service platform acts 
as a one-stop-shop for providing their services to end-users and hides the changes of 
access networks and terminals due to roaming of end-users. For access networks, a 
service platform provides control functions for transport outsourcing services. Ref. [5] 
describes how service platforms and the envisioned federation among them realize the 
service control functionality. 



3 4G-Enterprise Model 

The current enterprise model for Internet access business is inadequate for 4G- 
environments, and therefore needs a revision. We first analyze in what respects the 
4G-environment differs from the environment of current Internet access business. 
Based on these observations, an enterprise model for 4G-environments (4G-EM) is 
proposed. Finally we elaborate on the central role in this new enterprise model, i.e. 
the Service Platform Provider (SPP). 

The current enterprise model for Internet access is shown in Fig. 2. a. The role of 
the Internet Service Provider (ISP) needs some explanation. The currently known ISP 
is not an atomic role. Rather it is a functional composition of three roles [18]. By of- 
fering services such as e-mail, web hosting, virus scanning and the like, the ISP per- 
forms the role of an Application Service Provider (ASP). Since the ISP has, in most 
cases, contact with the customer and sends the bills, it also performs the role of the 
packager. Finally, the ISP takes care of naming and addressing and thus of IP-address 
allocation. Therefore, it also plays the role of Internet Communication Provider (IP- 
CP). It is assumed that each ISP has its own range of public IP-addresses. 

Opposed to the current Internet access business, the 4G-environment is in many 
cases an open service environment. By exporting interfaces to 3PSPs in a standard- 
ized way, the SPP introduces a new kind of functionality. Notice that the 3PSP role is 
similar to the ASP role. The difference is just a matter of parlance. Also, both per- 
sonal and terminal mobility are supported by a 4G-environment. This means that the 
association between a customer and an access network, and thus the IP-edge, is a dy- 
namic one rather than a permanent one. 
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(a) 




Fig. 2. Enterprise models for (a) the current Internet access business, and for (b) the 4G- 
environment 



The 4G-EM shows some salient aspects of 4G-environments as defined within the 
4GPLUS project, namely the incorporation of all kinds of access networks, the use of 
public IP as the common transport technology, the federation between SP-domains, 
and the various 3PSPs that take the role of ASPs. The SPP role entails three major as- 
pects, as shown by the decomposition of this role in Fig. 2.b: 

1. value-added IP -connectivity provider (VA-CP) - In addition to simply issue IP- 
addresses and process AAA, the SPP can provide mobility, session control, profile 
management, personalization and QoS-management. 

2. packager - The SPP performs the packager role and thus offers the services of the 
3PSPs and the access network providers within its domain to the customers. The 
relation of an SPP with multiple access networks and multiple 3PSPs makes it a 
one-stop-shop for customers. 

3. one-stop-shop for 3 PSPs - Due to federation with other service platform domains 
and its role as a packager, the SPP is a one-stop shop for 3PSPs. 3PSPs need to 
have a relation with only one SPP in order to get a much larger ‘audience’. 



4 End User Scenario 

Following the descriptions of the 4G-environment and the 4G-enterprise model we- 
now introduce an end-user scenario that provides links to the concepts that have been 
developed within the 4GPLUS project. 

John is an end-user (customer), who has a subscription with a public SPP, and who 
(also) has IP-connectivity via his corporate domain in his employee-role. The public 
SPP domain and corporate domain, including the involved parties, are depicted in the 
scenario environment of Fig. 3. The SPPs provide John with access to a number of 
different access networks and services, offered by different CPs and 3PSPs. In the fol- 
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Fig. 3. Overview of the scenario environment 

lowing scenario description this is elaborated upon. Further, with superscripts we re- 
fer to the sections that follow, where we describe the specific 4GPLUS concepts and 
results, being: 

A. federation: enabling access to services across administrative domains; 

B. mobility management: handling the mobility of the user (equipment); 

C. session control: controlling sessions in a heterogeneous network environment; 
and 

D. services: providing support for value added services. 

John is planning to go home when he receives a video call from his wife c 1 8 '. He 
answers the call using his fixed videophone. Since he was just about to leave the of- 
fice, he transfers the call 82 to his PDA that is connected to the corporate WLAN net- 
work ' . According to company policy only audio calls are allowed ‘ and the video 
is dropped 121 . Meanwhile, John can continue 82 the conversation with his wife; she re- 
minds him on her mother’s birthday coming up and asks John to buy a gift on his way 
home. While John leaves the office premises his call is seamlessly handed over to the 
UMTS network* 1 '*' 2 '* 3 ' B ' 2B3 . 

He walks over to the railway station where a Wi-Fi™ hotspot is available' 1 ' . 
When he accesses the network 8 3 he is notified of the cost. A local service D provided 
by the railway operator informs him A3D on the delay of certain trains. This provides 
John with sufficient time for buying a present. He finds a nearby gift shop using the 
FindNearest service* 30 . John’s preferences indicate he likes to be notified about inter- 
esting offers while being in a shopping center and he receives a number of advertise- 
ments before arriving at the gift shop* 3 ' 0 . Once there, he cannot make up his mind on 
the best present. On the spot he sends three picture-messages 0 to his wife and she - 
knowing her mother best, selects the appropriate gift. 

The railway service reminds him to get back to the railway station to catch his 
train. In the 45-minutes train trip John spends his time on reading the latest news and 
his private e-mail. He also views the video clips that were recorded by his personal 
video recorder during the day c . Suddenly he remembers he forgot to send an impor- 
tant e-mail message to his colleague Jan. Although he is not in his corporate domain, 
he has access* 1 '* 3 to all corporate services and is able to send the e-mail* 2 . When he 
gets home, his PDA automatically obtains access to his private WLAN* 3 ' 8283 , which 
now is being used to receive all private telephone calls 8 
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Fig. 4. Federation in a 4G-environment: (a) domain federation, and (b) service federation 



5 The 4GPLUS Results 

A Federation 

In [5,24] the service platform domain is defined as the service platform plus all enti- 
ties it maintains administrative relations with. Federation between service platform 
domains in a 4G-environment is a key concept. Federation is a primary necessity for 
inter-domain mobility or roaming. Notice, however, that mobility applies to the intra- 
domain case as well. 

1. Domain Federation. Several service platform domains can create a domain 
federation, as shown in Fig. 4. a between domains A and B. Through federation, the 
service capabilities of SP B be-come available for the end-users of SP A , and vice versa. 
This is illustrated as end-user 1 being able to access the profile capability of SP B (i) 
and end-user 2 being able to access the personalization capability of SP A (ii). In 
addition, when end-user 1 is connected to the networks within SP B , indicated by end- 
user 1’, the domain federation enables end-user 1 to still access the personalization 
capability (iii). Here it is assumed that terminal mobility is not solved at the IP- 
network level, and that through federation, end-user 1’ is granted IP-access as a 
visitor by SP B . 

2. Service Federation. SP-providers can also be engaged in service federation. This 
is illustrated in Fig. 4.b. If SP A and SP B offer similar functions, in this example 
mobility management and session control, these functions can be extended over these 
domains. In a first example (iv), end-user 1 has, in addition to the capabilities offered 
by domain federation also (SIP-based) terminal mobility across the federated 
domains. This means that the location of this end-user is tracked, and therefore that 
end-user 1 not only is able-to-reach, but also is reachable by others, and maintains 
active sessions during hand-over. The second example of service-federation in Fig. 
4.b is session control (v). Both SP A and SP B have session control capabilities. Due to 
federation of these capabilities, end-user 1 in domain A can set up a session with end- 
user 2 in domain B. 
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3. User Identification and Authentication. In order to support seamless roaming in 
a heterogeneous network environment, the mobile terminal should be able to 
authenticate to all available networks without requiring user interaction. Assuming a 
subscription with a SPP, authentication requests must be terminated by the SPP and 
not the access networks. For Wi-Fi™ and even LAN networks, the IEEE 802. lx 
framework in combination with RADIUS supports such an authentication scheme. 
One authentication variant supported by IEEE 802. lx is EAP-TLS, based on client 
certificates containing a user identifier (user@ domain) and credentials (private and 
public keys). Another variant is EAP-SIM, where the authentication triplets - 
commonly used in GSM networks - from a SIM-reader and a SIM card allow Wi- 
Fi™ and LAN authentication. Both have been implemented and validated in the 
4GPLUS solutions [13], 

In addition to network authentication, users may need authentication to (web- 
based) services as well. Rather than registering for every service, the user’s subscrip- 
tion with the SPP enables single sign-on to 3rd party services. A prerequisite for this 
to work is a trust relationship between SPP and 3PSP. The 4GPLUS service platform 
has adopted Liberty Alliance concepts, and in particular SAML [12], 



B Mobility Management 

The Mobility Management functionality of the service platform provides three func- 
tions: (1) Location Management to locate the network attachment points of end-users 
for session initiation, (2) Handover Management to modify the IP routes of the ongo- 
ing sessions of end-users and (3) Network Access to establish IP connectivity to dif- 
ferent access networks. Ref. [10] and Ref. [11] describe a high-level architecture of 
the Mobility Management component that uses Mobile IP and SIP to enable IP-level 
user and terminal mobility in 4G-environments. In Ref. [3] we motivate the idea of 
decoupling Location Management and Hand-over Management in 4G environments, 
where a mobile host is equipped with wireless WAN and wireless LAN interfaces 
(such as UMTS and Wi-Fi™). The following subsections briefly elaborate upon our 
implementation of the Mobility Management functions. 

1. Location Management. The Location Management function keeps track and 
discovers the current IP-addresses associated with mobile end-users’ terminals. The 
current IP addresses associated with a mobile end-user are dynamically maintained in 
a corresponding Home Agent (when using Mobile IP) or a registrar at a corresponding 
Service Platform (when using SIP) [10,11]. Every other end-user contacts the Home 
Agent or the SIP registrar, when initiating a new session towards the mobile end-user. 
[17] describes in detail our SIP based roaming solution that realizes also session 
control aspects. 

2. Hand-over Management. The Hand-over Management function maintains an 
end-user’s ongoing sessions as the corresponding IP-addresses change due to terminal 
mobility or terminal change. Within the 4GPLUS project, we have combined SIP and 
Mobile IP for Handover Management [10,11]. As a single point of control on the 
mobile terminal, a mobility manager manages the handover process (as well as 
network selections) and hosts a Mobile IP client. Mobility-aware applications can 
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register with the mobility manager to monitor and request network handovers, with 
the purpose to realize session mobility with SIP [17]. In Ref. [15], we focus on the 
mobility management functionality residing on the mobile host and describe the 
implementation of a mechanism to systematically exploit the availability of multiple 
mobility protocols and network interfaces. The mechanism provides the applications 
running on the mobile host with information about the state of the lower-layer 
mobility management protocols as well as the state and characteristics of the available 
network resources. Applications may consecutively adapt their behavior depending on 
this mobility process information or use SIP to deal with some mobility issues (e.g., 
route optimization). 

3. Network Access. IP connectivity can be arranged to one or more access networks 
simultaneously in 4G-environments. Being a prerequisite to Location Management 
and Hand-over Management, the Network Access function enables a mobile end- 
user’s terminal to send and receive IP traffic by detecting network interfaces and 
available access networks, selecting access networks and configuring terminal 
interfaces. Access network selection, implemented as part of the mobility manager on 
the mobile terminal, includes a decision process that uses input parameters such as 
availability of interfaces and networks, signal quality and bandwidth [6,7,25]. In 
4GPLUS, we have extended the decision process by including user preferences, 
operator policies, network cost and local application requests as well [25]. 



C Session Control 

In the 4G-environment, the availability and almost constant access to networks with 
increasingly higher bandwidth will stimulate the use of multimedia services. For these 
types of services the ability of seamless roaming is even more critical. In addition to 
the proper configuration at the network level, special care should be taken to control 
the ongoing multimedia sessions. 

1. Session Adaptation. Besides the ability of reconfiguring the appropriate network 
settings due to changes in the network environment, the SIP protocol also enables the 
adaptation of multimedia sessions that is required in such circumstances. This means 
that also the service itself can be adapted based on the available network resources. In 
4GPLUS, we have created a multimedia application supporting video conferencing 
sessions over Ethernet or Wi-Fi™ networks, while dropping video - maintaining 
audio - when switching to GPRS. Other characteristics that could be changed are for 
instance the frame rate of the video, the codecs to be used, etc. This mechanism 
allows services to achieve the best user experience and enables efficient use of 
network resources, in an environment where users are using different services across a 
wide range of different access networks. We have tested a number of scenarios and 
also combined the use of Mobile IP for mobility management and SIP for session 
control, for which the results can be found in this paper [17]. 

2. Controllable Gateway. A Controllable Gateway (CGW) in the access network 
functions as a dynamic firewall that controls admission to end-user service sessions 
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[8]. The CGW resides on the IP path at the IP-edge between the access network and 
the rest of the world. While the access network provider may own the CGW, the SPP 
controls the CGW, possibly via another SPP through federation. All IP traffic from 
and to a user connected to, for example, a Wi-Fi™ hotspot must go through the CGW 
belonging to this access network. The basic functionality of the CGW can possibly be 
extended with e.g. QoS control, network security, metering (for billing purposes) and 
legal intercept. The CGW is a suitable point to implement these extra functionalities, 
especially legal intercept, since all traffic flows are available here. The SPP remains 
the controlling entity for these extra functionalities. 



D Value Added Services 

The technologies and solutions described so far enable roaming in a heterogeneous 
network environment. In 4GPLUS, we have enhanced the end-user experience with 
additional service platform services accessible from the mobile terminal. Besides re- 
quired services such as support and contact information, added value can be achieved 
with Service Platforms delivering lists of Wi-Fi™ hotspots and their locations, loca- 
tion-based services and personal and local portals. To support location-based services, 
the service platform offers a single standardized Parlay X interface - embedded in the 
SAML security context - for 3PSPs to retrieve user location information independent 
of access networks. The local portal concept allows end-users to access a web-based 
service portal for the access network currently in use. The resulting channel to adver- 
tise various services provides an incentive for SMEs to offer public Wi-Fi™ hotspot 
connectivity. 



6 Conclusion 

Our 4G Service Platform is a (distributed) software infrastructure, supporting applica- 
tions and services with functionality for, e.g., network and service authentication, pro- 
filing, session control, seamless mobility and charging. 

Through co-operation of the distributed components, the interoperability issues be- 
tween the various (network) technologies and administrative domains are solved. 
Seamless mobility, i.e., the capability of end users to roam through arbitrary environ- 
ments while automatically maintaining connectivity to their application, is realized by 
federated mobility management functions. Various kinds of access control, mobility 
management, inter-domain AAA are put in place to make this work. Also session ad- 
aptation to the changing environment is realized, as are appealing end-user services. 
Important key protocols used in the 4GPLUS solutions include Mobile IP, SIP, 
SAML and IEEE 802. lx with different EAP variants. 

The result is that, irrespective of the network or administrative environment the 
user is in, the services and applications are made available, tailored to the specific en- 
vironment and user preferences, and maintained in a seamless and transparent manner 
while roaming. In other words, our 4GPLUS solution meets the emerging user re- 
quirements of technology agnosticism, universal and secure service access and service 
adaptation. 
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Abstract. Users of real time applications expect to roam between fixed 
and different wireless networks without notice, therefore handovers are 
expected to be seamless. The use of IP, and specifically Mobile Ipv6, as 
a transport technology solves some of the internetworking problems, but 
not the seamless handover. Although some extensions, as Hierarchical 
Mobile Ipv6 and Fast Handover, were introduced, these extensions, and 
combinations of them, do not offer an optimal handover performance. 
In this article, a new combination of these two extensions is proposed. 
This solution tries to solve the problems of seamless handoff for real time 
applications. 



1 Introduction 

Current trends in communication networks point to an aggregation of all kinds 
of traffic (data, voice, etc) in the same transport technology, and this is valid for 
both fixed and wireless networks. The use of IP as a transport technology solves 
some of the internetworking problems between different technologies, but at the 
same time, the IP Quality of Service mechanisms [2] are not fully adapted to the 
mobility between different technologies. 

In the last few years, there has been a fast development of real-time ap- 
plications, and customers are demanding an efficient solution to the problems 
emerging from this kind of applications. Ideally, a real time application should be 
able to roam between a fixed network, a wireless LAN [3] or a UMTS provider. 
Multiple and different handovers have to be established in this type of environ- 
ment: between technologies (vertical handover) and between cells of the same 
technology (horizontal handover) . These handovers are expected to be seamless, 
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** The work leading to this article has been partly supported by CICYT and the EU 
under contract number TIC2003-04784-C02-02 
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that is, undetected by the users. To make it transparent to the user, these han- 
dovers have to be done in a short period of time, without disturbance in the 
established communication. 

As both the usage of real time applications and the development of wire- 
less devices grow more and more, a protocol being able to support a seamless 
handover is required. A protocol that was able to make a handover between 
different IP networks, Mobile IPv4, appeared a few years ago. However, this 
protocol lacked a method to establish a seamless handover. 

A new protocol, trying to overcome the deficiencies of Mobile IPv4, and fully 
adapted to the new generation of mobile devices and protocols, appeared. This 
protocol is Mobile IPv6 [4], based on the IPv6 protocol. Nevertheless, the seam- 
less handover problems had not been solved yet, and some extensions trying to 
come up with the definite solution were introduced. The most important exten- 
sions to Mobile IPv6 protocol are Hierarchical Mobile IPv6 and Fast Handover. 
The first one tries to minimize the communication with the Home Agent, which 
may be situated far from the Mobile Node. In this case, this extension opts 
for reducing the number of (home) network registrations, using a hierarchical 
scheme. The other important extension is Fast Handover, that tries to minimize 
the address resolution time. 

It has been proven that these extensions do not offer an optimal handover 
performance, so a few combinations of these protocols have been presented so 
far. In this article, a new combination of these two extensions, fully adapted to 
the new generation of mobile devices and applications is proposed. This solution 
tries to solve the problems of seamless handoff for real time applications. 

2 Mobile IPv6 

Mobile IPv6 [5] protocol was principally designed to solve the mobility problem 
caused by the IP address architecture. A node is uniquely identified by its IP 
address, which is composed of two different parts. The first part is the network 
identifier, a part used to designate the network in which the node is located. 
The second part is the host identifier, which identifies a single host within a 
certain network. Due to this architecture, when a Mobile Node moves to another 
network, it must change its IP address, to get another one with the network 
prefix corresponding to the new network. This process cannot be done without 
an interruption in a possible ongoing communication, with the corresponding 
interruption in the application level. 

Mobile IPv6 tries to overcome this problem introducing a level of indirection 
at the network layer. A special node, called Home Agent, located in the home 
network, intercepts the packets addressed to the Mobile Node while it is away 
from the home network, sending the data to the current location of the Mobile 
Node. To do this, the Mobile Node sends a Binding Update message to the Home 
Agent, informing about the new IP address, called care-of address, topologically 
correct, that the Mobile Node has obtained from the new network, normally using 
the method described in [6]. The Mobile Node can also send the Binding Update 
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message to the Correspondent Node in ongoing communication, to achieve a 
more direct communication, without the intervention of the Home Agent. All 
this process is transparent to the user, and to the higher layers, allowing the 
ongoing communication to continue without any disruption. 

However, although this protocol solves the mobility problem, the handoff is 
not seamless at all. Several things must be taken into account. First of all, the 
Mobile Node, already in the new network, must register the new care-of address 
in the Home Agent. This process can take a long time because the home network 
can be far from the Mobile Node. In this period of time, losses of packets can 
occur. Secondly, the process of discovering and forming a new care-of address in 
the new network can also be very time consuming, and packet losses can occur 
during the process. New extensions trying to solve these two different problems 
have been proposed in the literature[7,8]. 



2.1 Hierarchical Mobile IPv6 

This extension [7] tries to solve the first problem mentioned above by reducing 
the number of home network registrations when the Mobile Node moves between 
a number of networks, thanks to the use of a hierarchical scheme. A new node is 
presented in this extension, a node called MAP (Mobility Anchor Point). This 
node defines a regional domain, and all the Mobile Nodes within this domain 
have a new care-of address, named a regional care-of address, only valid in this 
regional domain. 

So, when a Mobile Node hands off to a new network that belongs to the same 
regional domain, it must obtain a new local care-of address, using the method 
described in [6], and register it in the MAP, binding it with the regional care- 
of address. The MAP intercepts all the packets directed towards the regional 
care-of address of the Mobile Node and sends them to the current local care-of 
address. 

In the case of a handoff between networks belonging to different MAP do- 
mains, the Mobile Node must obtain a new regional care-of address and register 
it in the Home Agent, which intercepts the packets sent to the home address 
and redirect them to the regional care-of address. 

Therefore, using the hierarchical structure, only in the case of a handover 
between two MAP domains, a Binding Update to the Home Agent is required. 

2.2 Fast Handover 

The other extension, presented in [8], tries to minimize the address resolution 
time forming a new care-of address while still connected to the old access router. 
Several new messages are utilized in this extension. Upon receiving a layer 2 
trigger, informing that the Mobile Node is going to perform a handover, the 
Mobile Node sends the Router Solicitation Proxy message to the old access 
router, informing about the imminent handover. The old access router responds 
with the Proxy Router Advertisement message, indicating either the new point 
of attachment is unknown, or known but connected through the same access 
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router, or known and connected to a new access router, including, in the latter 
case, the necessary prefix to form a new care-of address to be used in the new 
network, using the method described in [6]. 

In addition to this message, the old access router sends the Handover Initia- 
tion message to the new access router, with the newly formed care-of address. In 
response, the new access router sends the Handover Acknowledgement message, 
either accepting or rejecting the new care-of address. The Mobile Node, before 
proceeding with the lrandoff, sends a Fast Binding Update message to the old 
access router, binding the old care-of address with the newly-formed care-of ad- 
dress. At this moment, the old access router starts the redirection of the packets 
directed towards the Mobile Node to the new network, anticipating the packet 
flow to the actual movement of the Mobile Node. 

In response to the Fast Binding Update message, the old access router sends 
the Fast Binding Acknowledgement message to the Mobile Node, via the new 
or the old network, and either accepting or rejecting the previous binding. Once 
the Mobile Node is in the new network, it sends the Neighbor Advertisement 
message to initiate the packet flow from the new access router to the Mobile 
Node. After this, the normal Mobile IPv6 procedures are followed, sending the 
Binding Update to the Home Agent. 

3 Previous Work 

These two protocols do not offer an optimal performance in the handover process, 
and a period of packet loss occurs. For this reason, in recent times, a number of 
attempts to minimize the period of packet loss, using a combination of the two 
protocols, have appeared. 

The scheme proposed in [9] presents a simple superimposition of the two 
protocols, one after the other. First, it proceeds with the normal Fast Handover 
mechanism, resulting in the redirection of the packets from the old access router 
to the Mobile Node, located in the new access router domain. Once in the new 
network, the Mobile Node sends a Binding Update to the MAP, changing the 
data flow from the old access router to the new access router. 

However, although this method introduces a great advantage over the use 
of one or no extension, the handover process cannot be considered seamless. A 
simulation using the NS-2 simulator [10] was carried out, and showed a han- 
dover period time of more than 300 milliseconds. The simulation was performed 
using TCP over Mobile IPv6, and several problems appeared. Some packets re- 
transmitted from the old access router to the new access router, arrived later 
than some packets directly sent from the MAP to the new access router, the for- 
mer being chronologically older than the latter. This causes TCP to interpret the 
packets that arrived later, and chronologically older, as missing packets, starting 
the congestion avoidance mechanisms and retransmitting such packets. 

A new scheme that solves this problem was presented in [11]. It starts doing 
the same as in the previous scheme, with the fast handover redirection mech- 
anism, from the old access router to the new access router. However, in this 
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case, immediately after the old access router receives the Fast Binding Update, 
it sends a packet to the MAP indicating that a handoff will occur shortly. MAP 
proceeds to redirect the packet flow to the new access router, continuing to send 
packets to the old access router. Doing this, if finally the Mobile Node does not 
hand off, it will be able to receive the information properly. 

In this scheme, two redirection points are introduced, the old access router 
and the MAP, but TCP retransmission mechanisms are not triggered because 
the two redirection flows are marked as coming from different nodes. Therefore, 
the Mobile Node will first receive packets from the old access router, which 
probably arrived later to the new access router than some packets from the MAP, 
but which were stored in a different buffer, thanks to the flow differentiation. 
Consequently, the buffer containing the packets from the old access router is 
emptied first, and after the completion of the process, it proceeds to do the same 
with the other buffer, containing the packets coming from the MAP. Simulation 
carried out using the NS-2 simulator , with TCP Tahoe over Mobile IPv6 showed 
that with this method the handover is almost seamless. 

It is important to note that all these previous schemes and simulations have 
been performed bearing TCP in mind, a protocol that produces a great deal of 
complications in the handover process, due to the retransmission mechanism. 
However, this paper is focused on real time applications, such as voice, where a 
seamless handover can offer a definitive advantage. In this case, the use of TCP is 
not suitable. In this kind of applications, the most important thing is for packets 
to arrive on time, within the delay limits established by a specific application, 
even with the possible loss of some packets. For this reason, the use of TCP and 
its retransmission mechanism is counterproductive, and the utilization of UDP 
is recommended. 



4 Proposed Solution 

In figure 1, the proposed signaling scheme is shown. The handover process starts 
with the arrival of a layer 2 trigger, informing that a new network is available at 
that moment. The Mobile Node responds sending the Router Solicitation Proxy 
(R.tSolPr) message to the old access router, informing this node that the Mobile 
Node is going to perform a handoff, and indicating the network which it is going 
to move to. At this moment, the old access router has the knowledge of the 
subnet prefix of the network the Mobile Node is going to move to, along with 
the host prefix of the Mobile Node. 

In response to the RtSolPr, the old access router sends the Proxy Router 
Advertisement (PrR.tAdv) message, indicating if the network the Mobile Node 
is going to move to is unknown, known but attached to the same access router, 
or known and attached to another access router, in which case, this message 
provides the subnet prefix necessary to form a new care-of address. After this, 
the old access router forms a new care-of address on behalf of the Mobile Node 
using [6] , and sends a message called Initiation (Init) message to the MAP serving 
the network to which the Mobile Node is going to move. This message contains 
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Fig. 1 . Signaling scheme of the proposed handoff protocol 



the newly-formed care-of address and the care-of address the Mobile Node is 
using at this moment. 

Once the MAP has received this message, it knows that the Mobile Node 
with the care-of address included in the Init message is going to move to another 
network, in which the Mobile Node will try to use the second care-of address, 
the one formed by the old access router. Therefore, the MAP is informed that, 
very soon, it will have to change the packet flow of the Mobile Node to another 
network, going through the new access router. 

After this, the old access router sends the Handover Initiation (HI) message 
to the new access router, indicating that the Mobile Node is going to perform 
a handover to a network that depends on the new access router. Two care-of 
addresses are included in this message, the care-of address newly- formed by the 
old access router, with the topologically correct subnet prefix of the new network, 
and the care-of address the Mobile Node is using at this time. 

The new access router checks if the new care-of address is valid and although 
it is possible to perform Duplicate Address Detection [6] with the new address, 
it may take a long time, delaying the handover process. The chance of the new 
address being already in use in the new network is low, as the new care-of 
address has been formed using a unique identifier, based on the MAC address 
of the Mobile Node. For this reason, we can skip this detection method. 

With the result of the checking, the new access router sends a message, called 
Initiation Confirmation (Init Conf), informing the MAP of which care-of address 
the Mobile Node will use in the new network. If the new care-of address is valid, 
the MAP will start a new packet flow to the new care-of address, going through 
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the new access router. If the new care-of address is not valid, the MAP will set 
up a temporary tunnel to the new access router, using the old care-of address. 
The moment the MAP receives the Init Conf message, it starts to redirect the 
packet flow of the Mobile Node to the new care-of address, but still maintains 
the packet flow to the old access router. This is done to allow the continuation 
of the communication in case the Mobile Node does not perform a handoff in 
the end. 

Once the layer 2 handover is performed, the Mobile Node sends the Neighbor 
Advertisement (NA) message to the new access router, indicating that the Mobile 
Node is currently attached to this new network. The new access router starts 
sending the packets that it is already receiving from the MAP. After this, the 
Mobile Node sends a Binding Update (BU) message to the MAP, to confirm 
that the Mobile Node is using the new care-of address correctly. When the MAP 
receives this message, it stops the communication with the old access router. If 
after a certain period after the MAP has received the Init Conf message, it has 
not received the Binding Update message, it stops sending the packet flow to the 
new access router, meaning that, in the end, the Mobile Node did not perform 
the handoff. The final message is the Binding Acknowledgement (BA), with the 
same use as in [7]. 

5 Conclusions 

This paper assumes that real time applications use UDP, so no further studies 
about the impact of the retransmission mechanism of TCP on the proposed 
scheme have been carried out. 

The proposed scheme offers some advantages. The most important one is that 
only one redirection point is used, the MAP, not two as in other schemes, the 
MAP and the old access router. Besides, in our scheme, the MAP could not be 
considered a redirection point, because it is part of the final path to the Mobile 
Node. Doing this, we achieve a much more simplified scheme, with no need for 
either double buffering or flow identification, and preserving all the efficiency 
required for a seamless handoff. The decision to move the redirection point from 
the old access router, as in [7,9,11], to the MAP was based on the idea that the 
redirection through the old access router adds an extra delay to the end-to-end 
delay experienced by the packets. This fact can be unacceptable in many cases. 

This scheme takes advantage of two key points. The first one is that when the 
old access router knows the identity of the Mobile Node and the new network 
is going to move, it has all the information necessary to form the new care-of 
address. At this point, the old access router informs the new access router and 
the MAP about the possible change of location of the Mobile Node. Secondly, 
the last decision about the possible use of the new care-of address is taken by the 
new access router. Inmediatly after this address has been approved by the new 
access router, it sends the signal to the MAP to initiate the packet redirection. It 
is not necesassary to receive the Fast Building Update message from the Mobile 
Node because it has no further information about the actual change of network, 
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only the previously received Layer 2 Trigger. For this reason, the starting of the 
packet redirection can be done even before the Mobile Node receives the Proxy 
Router Advertisement message. 

Consequently, this protocol is able to perform a seamless handover and pro- 
vide full support to real time applications using a very simple signaling scheme 
and reducing the complexity and resources of other proposals. 

In order to demonstrate the applicability of this new scheme we are develop- 
ing a new network simulator. This simulator uses object oriented programming 
techniques, and the main aim is to obtain more reliability than previous work 
with other simulators. 
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Abstract. With the spread of portable computers, mobile users rapidly 
increase and have growing interests in wireless LAN (WLAN). However, 
when a mobile node (MN) moves, handoff can frequently occur. The 
frequent handoff makes fast and seamless mobility difficult to achieve. 
Generally the handoff delay is so long that a provider can not support 
realtime services sufficiently. In this paper, to address the link layer (L2) 
handoff delay problem, we propose a fast handoff algorithm using access 
points (APs) with dual radio frequency (RF) modules. The proposed 
handoff algorithm is based on the modified neighbor graph (NG). Exper- 
imental results show that the proposed method reduces the L2 handoff 
delay drastically. Furthermore, the handoff delay in the network layer 
(L3) can be also reduced simultaneously, since the proposed algorithm 
can support L2 triggers. 



1 Introduction 

There has been considerable interest recently in WLAN. The main issue in 
WLAN is handoff management between APs [1] [2] . As a moving MN may ir- 
regularly need to change the associated AP, the APs must be identified and 
the target AP must be selected. When this process is finished, the connecting 
process begins [3]- [5]. The whole handoff procedure can be divided into three 
distinct logical phases [6]: scanning, authentication, and reassociation. During 
the first phase, an MN scans for APs by either sending ProbeRequest messages 
(Active Scanning) or by listening for Beacon messages (Passive Scanning). Af- 
ter scanning all channels, an AP is selected by the MN using the received signal 
strength indication (RSSI), link quality (LQ), and etc. Then, the MN exchanges 
IEEE 802.11 authentication messages with the selected AP. Finally, if the AP 
authenticates the MN, an association moves from an old AP to a new AP as 
following steps: 

(1) An MN issues a ReassociationRequest message to a new AP. The new AP 
must communicate with the old AP to determine that a previous association 
existed; 
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(2) The new AP processes the ReassociationRequest ; 

(3) The new AP contacts the old AP to finish the reassociation procedure with 
inter access point protocol (IAPP) [7] [8]; 

(4) The old AP sends any buffered frames for the MN to the new AP; 

(5) The new AP begins processing frames for the MN. 

The delay incurred during these three phases is referred as the L2 handoff 
delay, that consists of probe delay, authentication delay, and reassociation delay. 
Mishra [9] showed that scanning delay is dominant among the three delays. 
Thus, to solve the problem of the L2 handoff delay, the scanning delay has to be 
reduced or abbreviated. 

In this paper, to minimize the disconnected time while an MN changes the 
associated AP, we propose a fast handoff algorithm using APs with dual RF 
modules. The proposed handoff algorithm is based on the modified NG. By 
adding to AP an RF module that can only receive signals (SNIFFER), the L2 
handoff delay is reduced drastically. The proposed algorithm can eliminate the 
scanning phase of the MN. 

This paper is organized as follows. We briefly review the NG and introduce 
the modified NG in Section 2. In Section 3, the AP with dual RF modules is 
presented. Then, Section 4 describes a fast handoff algorithm using AP with 
dual RF modules. Finally, Section 5 shows the results experimented on our test 
platform and presents brief conclusion comments. 



2 Modified NG 

Before introducing our proposed method, we briefly review the NG. In this sec- 
tion, we describe the notion and motivation for neighbor graphs, and the abstrac- 
tions they provide. Given a wireless network, an NG containing the reassociation 
relationship is constructed [10]. 

Reassociation Relationship: Two APs, api and apj, are said to have a reasso- 
ciation relationship if it is possible for an MN to perform an 802.11 reassociation 
through some path of motion between the physical locations of apt and apj . The 
reassociation relationship depends on the placement of APs, signal strength, and 




Fig. 1 . Concept of neighbor graph, (a) Placement of APs. (b) Corresponding NG. 
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other topological factors and in most cases corresponds to the physical distance 
(vicinity) between the APs. 

Data Structure (NG): Define an undirected graph G = (V,E) where V = 
{api,ap 2 , • • • , ap n } is the set of all APs constituting the wireless network. And 
the set E includes all existing edges e*/ s where e i: j = (ap,: a/pj) represents the 
reassociation relationship. There is an edge between api and apj if they have 
a reassociation relationship. Define N(api) = {api k : api k € V, eik £ E }, i.e. , the 
set of all neighbors of api in G. 

While, the NG can be implemented either in a centralized or a distributed 
manner. In this paper, the NG is implemented in a centralized fashion, with 
correspondent node (CN) storing all the NG data structure (see Fig. 6). The NG 
can be automatically generated by the following algorithm with the management 
message of IEEE 802.11. 

(1) If an MN associated with APj sends Reassociate Request to APi, then add 
an element to both N{api) and N(apj) (i.e. an entry in APj, for j and vice 
versa); 

(2) If e-ij is not included in E, then creates new edge. The creation of a new 
edge requires longer time and can be regard as ‘ high latency handoff ’. This 
occurs only once per edge. 

The NG proposed in [10] uses the topological information on APs. Our pro- 
posed algorithm, however, requires channels of APs as well as topological infor- 
mation. Thus, we modify the data structure of NG as follows: 

G' = (V',E), 

V' = {Vi : Vi = (ap^ channel), Vi £ V}, , , 

etj = ( api,apj ), ^ 

N(api) = {api k : ap ik £ V',e ik £ E}, 

where G' is the modified NG, and V' is the set which consists of APs and their 
channels. In Section 5, we develop a fast handoff algorithm based on the modified 
NG. 

3 Improved Network Architecture 

The MN scans all channels from the first channel to the last channel, because it 
is not aware of the deployment of APs near the MN. The long L2 handoff delay 
caused by scanning phase makes internet services such as VoIP and gaming 
not realizable. The fast and reliable handoff algorithm is a critical factor for 
providing seamless communication services in WLANs. 

In general, the AP contains an RF module which can receive and transmit 
signals by turns in the allotted channel (see Fig. 2 (a)). By adding an RF module 
which can only receive signals to the AP (SNIFFER), i.e., the AP has two RF 
modules, the AP can eavesdrop channels of its neighbor APs. Figure 2 (b) shows 
the proposed network architecture. If the MN enters the cell range of a new AP, 
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Fig. 2. (a) General AP with single RF module, (b) Proposed AP with dual RF modules. 



the SNIFFER of the new AP can eavesdrop the MAC frame. Thus, by examining 
the MAC frame of incoming MN, the new AP can get the address of the AP 
associated with the MN. 

As shown in Fig. 3 (a), the Basic Service Set (BSS) can use only three 
channels at the same site because of interference between adjacent APs. For 
example, in the USA, channels 1, 6, and 11 are used. If the SNIFFER knows 
the channels of neighbor APs, it does not need to receive frames in all channels. 
In Fig. 4, for example, the SNIFFER of the AP3 receives frames in channels 1 
and 6 selected by the modified NG. Assume that the destination address in the 
received frame is the address of AP2. Then, AP3 informs its neighbor AP (AP2) 
that the MN associated with neighbor AP (AP2) enters the cell range of AP3. 

The proposed network does not require any change of the MN. Existing 
wireless network interface card (WNIC) does not require extra devices but can 
be serviced simply by upgrading software. This is very important factor to the 
vender. In the next section, we will show in detail the difference between standard 
network and the proposed network architecture. 



1 23456789 10 11 

channel 1 1 



2,400 

MHz 





(a) 




— 


Perimeter of building floor that requires wireless coverage 


o 


Channel A - Operating o 


IEEE 802.11 Channel 1 


o 


Channel B - Operating o 


a IEEE 802.11 Channel 6 


o 


Channel C - Operating 


n IEEE 802.11 Channel 11 



(b) 



Fig. 3. Selecting channel frequencies for APs. (a) Channel overlap for 802.11b APs. 
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Fig. 4. Proposed handoff algorithm. 



4 Proposed Handoff Algorithm 

Before handoff, the MN or network should first decide the handoff depending 
on certain policy. Handoff policies can be classified into three categories [11]: 
network controlled handoff, network controlled and MN assisted handoff; MN- 
controlled handoff. In IEEE 802.11 WLAN, a handoff is entirely controlled by 
the MN. 

In this paper, we propose a new type of fast handoff algorithm that is MN- 
controlled and network assisted. Network encourages the MN to handoff by pro- 
viding it with information on the new AP. And the MN decides whether the 
network situation matches the handoff criterion. If it matches the handoff cri- 
terion, the MN performs handoff according to received new AP information. 
Figure 4 shows the proposed handoff procedure: 

( 1 ), ( 2 ) The MN associated with AP2 moves toward AP3; 

( 3 ) The SNIFFERs of API and AP3 receive the MN’s MAC frames; 
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(4) Using the destination address in the MAC frame of the MN, SNIFFERs of 
API and AP3 can know that the MN has been associated with AP2. Let 
us denote an RSSI between APi and the MN by RSSI^pp If the RSSIap 3 
is over the threshold, SNIFFERs of the AP3 send AP2 a message including 
handoff information such as the measured RSSI, the MAC address of the 
MN, and so on; 

(5) As the WLAN is very scarce resource, AP2 must not relay all messages 
from other APs to the MN. After removing redundant messages, AP2 relays 
messages to the MN; 

(6) The MN decides handoff if the RSSIap 3 in the received message exceeds 
the RSSIap 2 and the RSSI^P 2 is below a threshold T (handoff if RSSIap 3 
> RSSI^p 2 and RSSI^p 2 < T). After deciding handoff, the MN sends a 
handoff initiation message to AP3 through AP2. If the MN does not need 
handoff, it does not issue a handoff initiation message; 

(7) AP3 send a response message to the MN. In this phase, AP3 can supply L2 
triggers to L3; 

(8) The MN performs handoff from AP2 to AP3. 

The proposed handoff algorithm omits the scanning phase by using the SNIF- 
FER. And the MN can be authenticated and associated before handoff [12]. If 
network allows this preprocess, the proposed handoff algorithm producing zero 
delay can be implemented in L2. Furthermore, as the proposed algorithm sup- 
plies L2 triggers, the L3 handoff delay can be diminished drastically. 
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Fig. 6. Experimental platform. 



5 Experimental Results and Conclusion 

Figure 6 shows our experimental platform consisting of an MN, APs, router, 
and Correspondent Node (CN). All machines we used are SAMSUNG SENSV25 
laptops with Pentium IV 2.4 GHz and 1,024 MB RAM. All machines are running 
RedHat Linux 9.0 as the operating system. To exchange the NG information, 
socket interface is used, and Mobile IPv6 is applied to maintain L3 connectivity 
while experimenting. The device driver of a common WNIC was modified so 
that the MN operates as an AP that can support handoff initiation message. 
For the proposed mechanism, we developed three programs: NG Server, NG 
Client, and SNIFFER. The NG Server manages the data structure of NG on the 
experimental platform and processes the request of the NG Client that updates 
the NG information of the MN after the MN moves to the another AP. Using 
destination address in the MAC frame of the MN, the SNIFFER can be aware 
of the AP associated with the MN. If the RSSI of the received frame is over 
the threshold, the SNIFFER sends the old AP a message including handoff 
information such as the measured RSSI, the MAC address of the MN, and so on. 

In general, the wireless MAC protocol can be implemented using device driver 
and firmware. The wireless MAC protocol can not be easily extended or modified 
because wireless MAC protocol is implemented in dedicated firmware. But, in 
our experiment, we measured RSSI, LQ, and L2 handoff delay in both firmware 
and device driver. 

In the proposed handoff scheme, the handoff delay is defined by the duration 
between the first ReassociationRequest message and the last ReassocationRe- 
sponse message. But, the device driver of the WNIC starts handoff with Join 
process. So, we measure the L2 handoff delay between Join and ReassocationRe- 
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Fig. 7. L2 Handoff delay and the other parameters. 



sponse message. To diminish the handoff delay, we also modified Join process in 
firmware. The handoff delay experienced by a single mobile device is presented 
in Fig. 7 with RSSI and LQ. In Fig. 7, the RSSI value is reported on chip set 
and is linear with signal level in dB. We can simply get signal level in dBm on 
a radio by 



RSSI(dBm) = RSSI(measured value) — 100. (2) 

The LQ is available on handoff algorithm in many ways. This measure is the SNR 
in the carrier tracking loop and can be used to determine when the demodulator 
is working near to the noise floor and likely to make errors. 

Since the handoff delay in the device driver includes message processing time 
in addition to receiving and transmitting time, the handoff delay in the device 
driver is longer than the handoff delay in the firmware. Our experimental results 
show that the L2 handoff delay is about 11msec in device driver. But, if we 
optimize our experimental platform, the L2 handoff delay can be reduced to 
measured delay in firmware. Thus, by comprising the other L3 solution, realtime 
seamless multimedia service can be realized sufficiently. 

To address the L2 handoff delay problem, we proposed a fast handoff algo- 
rithm using AP with dual RF modules that can eliminate the scanning phase 
of the MN. Since proposed algorithm enables the MN to be authenticated and 
associated before handoff, it produces zero delay in L2. But careful attention has 
to be paid to the design of L3 layer protocol to minimize total handoff delay. In 
our next paper, we will provide details of the L3 protocol to support the fast 
handoff. 
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Abstract. The integration of wireless LANs (WLANs) and 3G systems per- 
formed at core network level requires very little modifications to the current 
3GPP architecture and provides a large set of benefits: seamless service integra- 
tion, exploration of user mobility by applications, seamless use of different ra- 
dio access network (RANs), easy availability of current services such as Short 
Message Service (SMS) in other RANs, etc. This paper describes an architec- 
ture that has the GPRS as the primary network. Each of the other networks has 
a 3G core-level component to manage it and to perform the integration. Verti- 
cal handovers between RANs are not needed and secondary networks are used 
on an availability basis. Users can have at least one session per RAN that is 
maintained even when they are moving in dark areas of that RAN (and the 
communication is still possible via the primary network). Our proposal does 
not require the system to be all-IP, but simply IP-enabled. 



1 Introduction 

The traditional approaches to the integration of wireless LANs (WLANs) and 3GPP 
systems have avoided any changes to the core 3GPP network. WLANs can either 
appear as 3GPP cells (known as the tightly coupled approach [1], [2]) or interact with 
the 3GPP at IP level (the loosely coupled approach [1], [3]). If one considers that it 
might be possible to change the core network (basically minor software upgrades) the 
integration of wireless systems can become powerful and attractive at various levels. 
We assume that the GPRS (General Packet Radio Service) network is ubiquitous and 
forms the primary radio access network (RAN) 1 . Users can have sessions over the 
different RANs and these sessions persist over out of range periods. Consequently, 
users can always be contacted (either using that RAN, or the GPRS). All non-primary 
RANs are used as a complement to the GPRS making vertical handovers less critical. 
In fact, there is not really any vertical handover as users maintain the GPRS connec- 
tivity all the time. 



1 In the rest of the paper, we consider GPRS as a packet service in both 2.5G and 3G 3GPP 
systems 

M. Freire et al. (Eds.): ECUMN 2004, LNCS 3262. pp. 29-39, 2004. 

© Springer-Verlag Berlin Heidelberg 2004 




30 



P. Pinto, L. Bernardo, and P. Sobral 



A second aspect refers to the management of service contexts (i.e. the possibility 
for a service to use one RAN or another). If the core has some awareness of different 
RANs it allows the exploration of the user mobility in such aspects as connection 
availability in other RANs and decisions for forwarding traffic through certain RANs. 
Currently, user mobility in 3GPP systems is mainly concerned with maintaining the 
bearer services (control and data channels) to enable communication. The core just 
pushes packets through without any high level concern such as different cell capacity. 
The current work in 3GPP for interworking with WLANs leaves most of these issues 
to further work. This paper is also a contribution with a different angle to the prob- 
lem. Lastly, we stress a view of more autonomy to WLAN owners. They trust on the 
3G system to authenticate users but remain with all the power to authorize them. The 
3GPP has, naturally, a more 3G centric view of the problem. 

Our envisaged application scenarios are an extension of the infostation model [4] 
with cellular network integration. Imagine a user landing on an airport. Once there, he 
starts a session using the airport’s WLAN. He wants to download a report. Next he 
takes a taxi to the hotel. On his way, any WLAN will be used to send parts of the 
report (semaphores, etc.). Inside the taxi, in areas not covered by WLAN, the user can 
still be contacted using the GPRS RAN. Eventually all the report will be transferred 
by WLAN. When he arrives at the hotel (which has also a WLAN) the same session 
is still on. We assume that UEs (User Equipments) are equipped with two, or more, 
wireless interfaces working simultaneously. 



2 Hotspot Integration 

In the future, 3GPP cells will be smaller and will have more bandwidth. However, 
extremely high rates will not be necessary everywhere, but just in small hotspots [5]. 
How will these hotspots be integrated? 



2.1 Homogeneous Approach 

One possibility is that these new cells will make WLAN integration useless because 
they will have the same characteristics - they are 3G cells. There are some drawbacks 
though. The network would have to predict the user movement (using cell informa- 
tion) to schedule data when the user enters in this kind of cells. It is a hard task to be 
performed at network level because it needs knowledge of the application. Such 
seamless environment is also difficult for users because they can step out of the cell 
and feel a drop in the bandwidth. The tightly coupled approach [1], [2] of integrating 
WLANs is somehow similar to this homogeneous approach: WLAN cells behave like 
ordinary cells offering an interface compatible with the 3GPP protocols. This ap- 
proach has further disadvantages: (a) the WLAN must be owned by the 3GPP opera- 
tor (due to strong exposure of core network interfaces); (b) it is hard to incorporate a 
WLAN cell because cell displacement demands carefully engineered network plan- 
ning tools and because a great deal of control procedures are based on configuration 
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parameters (CelllD, UTRAN Registration Area (URA), Routing Area (RA), etc.); (c) 
paging procedures, registration updates and handovers (including vertical handovers) 
have to be defined and some technologies (e.g. IEEE 802.1 1) are not so optimized to 
make them fast enough; and (d) high-rate traffic has to pass through the current 3GPP 
core network. 



2.2 Heterogeneous Approach 

Another way to integrate WLANs is the loosely coupled approach [ 1 ] [3] . It assumes 
there is a WLAN gateway on the WLAN network with functionalities of Foreign 
Agent, firewall, AAA (Authentication, Authorization and Accounting) relaying, and 
charging. The connection to the 3GPP uses the GGSN (Gateway GPRS Support 
Node) having a functionality of Home Agent. It only makes sense to use this option 
with multi-mode UEs because a vertical handover to WLANs would disconnect the 
UE from all the functionality of the cellular networks (paging, etc.). One advantage is 
that high-speed traffic is never injected into the 3GPP core network. A major disad- 
vantage is the degree of integration. WLAN networks are handled independently and 
will be used on an availability basis by the users, whom have to stay within the same 
coverage. WLAN access to any service provided by the 3GPP (e.g. SMS) has to con- 
sider the cellular system’s internet interface becoming more complex. Any exploita- 
tion of the UE’s mobility (both in the cellular system and inside the WLAN aggrega- 
tion of cells) is hidden by the mechanism of Mobile IP, for instance. From an applica- 
tion point of view, the UE is stationary, placed inside a big cloud called GPRS (or 
WLAN). I.e. it has a stable IP address and any mobility inside the 3GPP network is 
not seen from the exterior. 



2.3 Core-Level Approach 

Yet another possibility is that high bandwidth cells are seen as special cells, not inte- 
grated in the cellular system and having a special (direct) connection to a packet data 
network. The user knows he is using a different interface and stepping out of cover- 
age is easy to detect. This possibility is easy to implement if the integration is per- 
formed somewhere in between the tightly and the loosely coupled approaches - at 
core network level. The packet data network of these special cells is added to the 
current 3GPP core network and can communicate with the current elements (SGSN, 
HSS, etc.). Any communication from the core to the UE (regardless of the RAN that 
is used) does not have to leave the core. This makes some fundamental differences 
towards the loosely coupled approach as we will see. A first one is related with au- 
thentication and authorization: in 3GPP, users become valid after an AAA procedure 
with the core and can use any available service. Having an AAA procedure in 
WLANs identical to the one used in UMTS allows the delivery of any packet from 
the core (either belonging to GPRS or to other WLANs) using any RAN. At a certain 
layer in the core there is no notion of services, but only packets. A second difference 
is related with mobility management: a cellular network has its own model to handle 
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mobility (i.e. below the IP level with its own authentication procedures and control 
nodes). The current state-of-the-art in the Internet is Mobile IP where care-of- 
addresses and tunnels are used to hide mobility. In the heterogeneous approach the 
GGSN is overloaded with these tasks. The introduction of a control node inside the 
core for WLANs avoids such complexity and unifies the mobility management model 
with the one used in 3GPP. This control node can also offer a standard and protected 
programming interface for developing new services that are aware of both mobility 
and available RANs. In summary, this core-level approach allows the use of WLAN 
as a complement to the GPRS network. 

3GPP defined requirements for six scenarios [6] of increasing levels of integration 
between 3GPP systems and WLANs. Scenario 3 addresses access to 3GPP packet 
services including access control and charging; [7] specifies how it should be done. 
An IP access to 3G services was adopted (loosely coupled approach) 



3 Architecture 

3.1 Primary and Secondary RANs 

The GPRS forms the primary network. It is the only one to have control services 
(paging, compulsory registration updates, etc.) and the user is always attached to it. 
All other networks (secondary networks) are simpler and are basically data networks 
(if they have a paging facility to save battery life, it is only an internal optimization 
not seen at core network level). Most of the works in internetworking [8] [9] [10] as- 
sume that all control features exist in all networks and are seen at core level. IDMP 
[11] is one of the exceptions stating that they should be customized. The most similar 
approach to ours was taken by MIRAI [12]. They also have a primary network but it 
is mostly concerned about control features - the Basic Access Network (BAN). Its 
most important task is to help users in choosing a RAN. The choice is based on a list 
provided by the BAN considering user location and preferences. Although the authors 
consider a long list of issues to help the UE choose the RAN, some too low level or 
“external” reasons (e.g. battery life) can lead to unexpected choices from the applica- 
tions’ point of view. The control features of the BAN are very similar to the ones in 
UMTS. It could have been implemented by the 3G system (as also stated in [12]) but 
MIRAI authors decided to implement a new radio interface. 

Other works consider all RANs at the same level. [ 13] defines a flow router at the 
core that uses all RANs. This will lead to the existence of control functions in all of 
them. If only one is chosen to have these features the system will fall back to ours. 
Moreover, with a monolithic core it would be more difficult to add a new RAN. 



3.2 General Description 

Secondary RANs are not ubiquitous. Sets of cells form islands and the group of is- 
lands belonging to a certain technology (e.g. 802.11, Hyperlan) is seen as a Hotspot 
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Network (HN) (Figure 1). Each island is controlled by a local Island Manager (IM), 
and a component at the core, called HNAC (Hotspot Network Area Controller), is 
responsible for one, or more, islands of the same HN. One task of HNAC is also to 
maintain a user session regardless of the connection status of the user at a certain 
moment. 

Figure 2 shows the main components responsible for 
the data traffic. The novel parts at core level are the con- 
nection between the SGSN (Serving GPRS Support 
Node) and the HNAC; the ability of the HNAC to access 
information stored at the HSS (Home Subscriber Server); 
and a component called GHSN (Gateway Hotspot net- 
work Support Node) which is responsible for context 
management and Internet access (just the way GGSN is 
for GPRS). The thicker lines (at the right of the IM) belong to the core but they are 
not present in the current 3G core. All the high speed traffic goes through them not 
overloading the current 3G core. 

The 3GPP specification for scenario 3 [7] has a component called PDG (Packet 
Data Gateway) that gives IP access to 3G services (including external Internet ac- 
cess). All data passes through the PDG and there is no direct contact with the 3G core 
as all interactions are at IP level. 

An UE has a unique identification at core level in the form of its IMSI (Int. Mobile 
Subscriber Identity). The idea is that when a packet is destined to an IMSI UE it can 
travel through the UTRAN to the UE identified by the IMSI, or through the WLAN 
RAN to the same UE now identified by an HN dependent identifier. In figure 2 an IP 
address, IPa, was chosen as this dependent (local) identifier. In the sequel it will be 
seen that it is not relevant that this address has to be an IP address. It is only necessary 
that it remains stable at IM interface. 

As stated above, the UE is always attached to the GPRS network. It can create a 
session (PDP context) and define a stable IP address at GGSN (IPj in Fig. 2). On the 
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other hand, HN sessions can be established in two ways: directly over the WLAN 
RAN, or indirectly over the UTRAN. 

The first way happens when an UE senses a WLAN and discovers it has a 3GPP 
agreement. It performs a two phase attachment procedure with secure authentications 
- first to the local WLAN and second to the 3GPP system. The first phase is not cov- 
ered by 3GPP standards. Our solution is a challenge/response procedure between the 
UE and the IM (with the assistance of the 3G system). The WLAN trusts the 3G net- 
work in terms of authentication but remains with the power to authorize the user to 
use local services. The main operations in this first phase are the following: the IM 
asks the HNAC for a challenge based on authorization vectors of the 3 GPP. The IM 
relays the challenge to the UE, and the response back to the HNAC. The HNAC in- 
forms the IM of the UE identity (e.g. its MSISDN, as this is not a sensitive piece of 
information). The IM will then use the MSISDN to verify in its authorization data- 
base if the UE can use local services. If it does, the address IP3 is defined by the Lo- 
cal Router (the functionality of the Local Router can reside in the IM) and session 
keys are provided by the IM. The second phase provides access to the 3G network. It 
can be done regardless of the outcome of the first phase. This second phase follows 
the lines of [7]. Once registered in the HN the UE can create a context with the 
GHSN defining a stable and routable IP address, IP 2 . 

The second way (HN session establishment via UTRAN) can happen during dark 
areas and the UTRAN is used to connect the UE to one HNAC (see below). 



3.3 Overview of the Core Network Interactions 

The HSS has information about the UEs (identity and routing information, etc.). It 
must be enlarged with information about HN related status (registered, reachable, 
current identification, serving HNAC, etc.). HNAC will go to HSS to get updated 
information in the same way as the SGSN goes nowadays. The HSS also provides 
authentication vectors, subscriber profiles, and charging information to HNACs. 

We will describe two working scenarios: the smooth one that requires very little 
changes to the current core network; and the abrupt one demanding more modifica- 
tions. In the smooth one, the PS domain works as today and the HNAC can access the 
UE directly or via SGSN (line A in fig. 2). An easy way to implement this indirect via 
is to allow the HNAC to establish a PDP context with the SGSN (similar to the PDP 
context of the GGSN). A GTP-U (GPRS Tunneling Protocol - for User Plan) is estab- 
lished between the HNAC and the serving RNC (Radio Network Controller) and used 
at HNAC discretion. The second scenario is more interesting and both SGSN and 
HNAC can convey their traffic through the other one if they see some advantage. One 
first change is the partition of the current GTP-U tunnel between the GGSN and the 
SRNC into two half-tunnels: GGSN-SGSN and SGSN-SRNC. It is very much a re- 
turn to the original GPRS specification. The latter second half-tunnel ise replaced by 
a SGSN-IM connection via HNAC. So, the major modification is the ability of the 
SGSN to use the HNAC to reach the UE. Before describing in functional terms the 
new interfaces let’s see how the communication between the core and the UE takes 
place. 
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Figure 3 shows the protocol stack in the UE. There is a Connection Manager (CM) 
that manages the status of both connections and offers a unique upward interface to 
both RANs. The Delivery Service (DS) 
operating over WLANs is a confirmed 
service and switches to the UTRAN if it 
senses a failure. The DS operating over 
UTRAN is not confirmed because the 
UTRAN is ubiquitous. If more than one 
RAN is active the default one for each 
message is used, unless otherwise indi- 
cated by the application. The CM can 
signal the applications (and be queried 
by them) about the current status of a 
specific connection. With this informa- 
tion, applications can avoid using the 
link if the proper interface is not active 
(transferring only urgent or control information, for instance). The CM is able to 
contact each of the core network components (SGSN or HNAC) either directly or via 
the other RAN (for link maintenance messages, etc.). The session control layer is 
responsible for session survival when the UE is in dark areas. 

In figure 3 the DS of the core component (SGSN or HNAC) communicates with 
the DS of the UE using L1/L2 protocols. VLANs could be used. However, IP-tunnels 
can as well be used. In this case the DS establishes a tunnel to the peer DS, and the 
protocol stack would look a little bit different from the one pictured in the figure. 

This setting (core-level approach) is functionally similar to the tightly coupled ap- 
proach [1], without the need to expose the core network interfaces (Iu). Instead, the 
HNAC has to be introduced in the core. 
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3.4 Interfaces in the Core Network 

For the second scenario (abrupt) the following interactions are needed: 

(a) HSS must store information about the HN activity of UEs. It must provide 
this information to HNACs as well as authorization vectors, registration pro- 
cedures, updates, etc. It is assumed that HNACs have the functionality of an 
AAA proxy; 

(b) SGSN must perform the relaying of packets between the HNAC and the UE 
(this is better done by the DS than by creating an IP tunnel); 

(c) HNAC must perform the relaying of packets between the SGSN and the UE 
(again, the DSs will cooperate to achieve this), (both (b) and (c) allow core 
components to communicate with the UE via the other RAN); 

(d) logic must exist in the SGSN to enable it to use the WLAN in advantageous 
circumstances; 
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(e) SGSN must have an event service to notify any interested core component 
(namely HNAC) about relevant events - “UE availability”, “cell update”, 
“routing area update”, “positive cell identification” and “undefined cell iden- 
tification”; 

(f) SGSN must provide access to its mobility management information (cell 
identification if in GPRS state ready, or routing area identification, other- 
wise) - it can be useful for the HNAC if it has a relation between CelllDs and 
WLAN placements (it can force the WLAN interface to switch off if no is- 
lands are known in a certain routing area, for instance). It is also important 
because HNAC change of responsibility can happen when the UE performs 
a routing area update. 



4 Discussion and Performance Evaluation 

In our system there is no need for vertical handovers because the GPRS session is 
always on and the other RANs are used as a complement. Communication to the UE 
can use indistinguishably any available RAN. As the choice of RANs is performed by 
the core components, no information is ever lost. In systems with traditional vertical 
handover, the dominant factor is the time the UE takes to discover that it has moved 
in/out of coverage (i.e. the cell has to become active or inactive) [14]. Figure 4 shows 
the procedures when an UE loses and finds coverage (thin and blank lines represent 
no bandwidth available). The lost of coverage is the most critical of the two [14]. 

In the tightly coupled approach, when the UE loses coverage a new RAN has to be 
sensed and the secure associations 
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this is not valid). In the loosely coupled approach these two phases could be done in 
advance but the mobility management phase cannot. 

Another aspect is the requirement of either an all-IP architecture or an IP-enabled 
one. The most critical part in our system is the communication between DSs. It can be 
performed using VLANs and no IP requirements exist, or it can be performed using 
IP-tunnels. If the tunnel is only established between the core component (SGSN or 
HNAC) and the IM, the destination of the packets is the UE identified by a stable 
identifier. The identifier can be IP, or not (in figure 2 is IPa). If the tunnel goes di- 
rectly from the core to the UE, then the UE has to have an IP local identifier (IPa). 

Note that IPa is a local identifier not seen by the applications. For the applications, 
the UE can either be working with the IP, or the IP 2 addresses. These are the working 
addresses at IP layer of figure 3. The Delivery Service is responsible for forwarding 
the packets between the IP layer of the core component (HNAC or SGSN) and the IP 
layer of the UE using the IMSI or the other identifier (IPa in this paper). Therefore, 
there are no assumptions about the necessity of using Mobile IP, for instance. The 
mobility management inside an island is performed by the IM without any knowledge 
of the core components. It can be based on IP, use VLANs, etc. So, if IPa is used in 
the routing process, or not, is not a requirement either. The stability of IPa is needed 
to avoid resolution towards the IMSI every time the core wants to use it. 

HNACs can play an important role in user mobility management. They can have a 
standard (and protected) programming interface to be used by third-party organiza- 
tions to build services that take advantage of the information gathered at the core 
(HSS) not explored fully today (e.g. if the user has a HN session, if it is under cover- 
age, etc.). Most of the mobility management nowadays in 3GPP systems is only con- 
cerned on maintaining RABs (Radio Access Bearers). HNACs can store data (locally, 
or in components inside the core) in cooperation with the application, to defer its 
transfer until the UE gets into an island again (having the data nearby can be deci- 
sively if connection times are very short). 



5 Examples of Service Integration 

A good example that shows how this architecture can simplify the integration of wire- 
less systems a great deal is taken from [7], Figure 5, from [7], shows how 3GPP plans 
to support SMS over WLANs (providing IP bearer capability). 

A service specific gateway, called IP-SM-GW, must exist and offer an interface 
similar to an MSC or an SGSN (interfaces E or Gd) to the GMSC/SMS-IWMSC. The 
address of this gateway is returned by the HSS in the “send routing information for 
short message” primitive. This gateway has a private database to associate MSISDN 
to IP addresses. UEs in WLAN have to specifically register and specifically authenti- 
cate for SMS services and have secure associations to the gateway. The gateway 
communicates with the UE via Internet (PDG, etc.). 

In our system (second scenario), the SMS service could be provided without any 
need for service-specific extra components, service-specific private databases, or 
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Fig. 5. Support of SMS over WLAN (3GPP version) 



service-specific registration by the UEs. The SGSN just gets the message from the 
GMSC/SMS-IWMSC as before and can use the HNAC to convey the message to the 
UE, using the secure associations that are already in place between the HNAC and the 
UE. 



6 Conclusions 

The internetworking of wireless infrastructures performed at core level with a pivot 
network seems a simple and executable model with many advantages: 

(a) as most of the control features already exist in the 3GPP network, they can 
be absent in other networks; 

(b) certain details (such as micro-mobility) are not managed at core level; 

(c) it defines an environment where new features and services can be added to 
the core; 

(d) it does not impose an all-IP architecture; 

(e) there is no critical dependence on vertical handovers; and 

(f) it does not create extra load to the current 3GPP core network. 

The addition of new modules at core level with standard (and protected) program- 
ming interfaces can open up new possibilities to explore terminal mobility (a topic 
that is absent today). 

Topics relevant for further work include the algorithms to be used on top of the 
HNACs to explore the mobility of UEs and their connection periods, and the viability 
of service continuity using this type of handovers. 
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Abstract. In this paper, we propose a new management information 
base (MIB) called Service Monitoring (SM) MIB. The MIB enables a 
network manager to gather end-to-end management information by uti- 
lizing special test packet. The special packet is an Internet control mes- 
sage protocol (ICMP) application that can be sent to a remote network 
element to monitor its Internet services. The SM MIB makes end-to-end 
management possible without using any special measurement architec- 
tures or equipments. Real examples show that the proposed SM MIB is 
useful for end-to-end quality of service (QoS) monitoring. The accuracy 
of obtained data, priority and security issues are discussed. 



1 Introduction 

The ability to assess the end-to-end QoS of real-time application is important 
for billing and provisioning purpose. Current network management system uses 
simple network management protocol (SNMP) for handling managed objects 
of IP networks. However, SNMP-based management platforms basically cannot 
handle the end-to-end management of Internet. This typical approach suffers 
from lack of scalability and scope restriction. If an end-to-end user flow traverses 
multiple Internet service provider (ISP) domains, then a network management 
system (NMS) could obtain information from multiple agents through local or 
manager-to-manager interfaces to retrieve the customer’s end-to-end view of 
their service. This typical approach may cause management traffic and data 
retrieval time to increase because of querying the various hops and manager-to- 
manager interactions. 

The problems associated with centralized management architecture, lack of 
extensibility, and poor support for end-to-end management has been identified 
and addressed by many researchers. Over the last few years, mobile agent/code 
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approach [1] has achieved a widespread interest to decentralize network man- 
agement tasks. Autonomous delegated agent, which moves network element dy- 
namically, makes end-to-end management feasible. It gives much flexibility and 
scalability to a network management system by relieving it from periodic polling. 
Performance management using management by delegation (MbD) has been 
studied by Clrerkaoui et al. [2] and Bolroris et al. [3]. 

The concept of MbD influences IETF distributed management (DISMAN) 
working group to integrate this concept to its management framework. IETF 
efforts to standardize distributed management have focused on SNMP compliant 
MIBs and Agent. There are two types of developments with respect to distributed 
management. One is agent extensibility (AgentX) protocol (RFC 2741, RFC 
2742) and the other is distributed Internet management with functional MIBs 
such as RFC 2925, RFC 2981, RFC 2982, RFC 3014, RFC 3165, and RFC 3231. 
The goal of AgentX technology is to distribute agent functions to sub-agents. 
In AgentX, however, relatively complex operations on the master agent side 
are required in order to realize SNMP lexicographic ordering and access control 
efficiently. The goal of the functional MIBs is to delegate functionality to network 
elements, still assuming that the control and coordination of a management task 
ultimately resides within a management program communicating with one or 
more agent. In spite of widespread interest of researchers, a mobile agent-based 
distributed management is still quite complex both to design and maintain, in 
contrast with the relative simplicity of a centralized management system. 

RMON (Remote Network Monitoring) [4] is a major step towards decentral- 
ization of monitoring statistical analysis functions. It provides an effective and 
efficient way to monitor subnetwork-wide behavior while reducing the burden 
on other agents and on management stations. It can monitor the total traf- 
fic within a LAN segment such as number of collisions and number of packets 
delivered per second. RMON2 [5] has the capability of seeing above the MAC 
layer by reading the header of the enclosed network-layer protocol. This enables 
the agent to determine the ultimate source and destination and allows the net- 
work manager to monitor traffic in great detail. Although RMON MIB provides 
network-wide information, the data collection is quite a CPU and memory inten- 
sive task because RMON operates in promiscuous mode, viewing every packet 
on a subnetwork. End-to-end characteristics such as delay and jitter cannot be 
measured by passive packet probe. 

Active measurement approach is one of the most promising schemes in terms 
of end-to-end QoS monitoring. The examples of active measurement architec- 
ture in practice today include [6] , [7] , [8] . IETF IP Performance Metrics (IPPM) 
working group has proposed measurement architecture and protocols: RFC 2330, 
RFC 2679, and RFC 2680. Recently, IPPM has proposed a management inter- 
face named IPPM-reporting-MIB [9], which is work in progress, for compre- 
hensive measurement reporting based on their measurement architecture. The 
active measurement approaches that we mentioned above need special devices 
or protocol implementations at both sides of measurement point. The works us- 
ing ICMP extensions such as [10] are useful for performance monitoring. They 
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can give monitoring information to both operators and end-users without any 
additional protocol implementations unless intermediate routers discard ICMP 
packets. Our approach is focused on in-service end-to-end flow monitoring with- 
out using any special measurement framework. Our work is on the same category 
as [9] since the goal is to propose a management interface that gives network 
operators and end users remote management information. 

Our approach is to utilize dynamic packet rather than dynamic agent (e.g., 
MbD and AgentX) or passive packet probe (e.g., RMON). For the purpose of 
management, we designed and implemented test packet and Service Monitoring 
MIB (SM MIB). Test packet is a measurement packet and it is an integral part 
of SM MIB. Instead of using our proposed ICMP extensions, different works 
such as RFC 2679 and RFC 2680 are also useful for a test packet. SM MIB 
provides a network manager with dynamic end-to-end management information, 
in particular, QoS information by utilizing test packets, which move through 
network elements. The MIB gives the network manager the ability to obtain 
end-to-end information, reduces the need to distribute MIBs throughout the 
network, and cuts the amount of management-related traffic. 

The remainder of this paper is organized as follows. We describe the de- 
sign and implementation details of the proposed test packet and SM MIB. The 
real examples that we conducted on various network with SM MIB are shown 
together with accuracy and security discussions. Finally, conclusions follow. 

2 Test Packet Capabilities 

Most of the Internet real-time multimedia services use user datagram protocol 
(UDP) as a transport protocol. At receiver side, absolute packet loss measure 
of UDP application is basically impossible because sequence number field is 
not defined in the UDP header. Since both ICMP and UDP do not support 
flow control mechanism and retransmission algorithm (i.e., they are directly 
encapsulated into IP datagram.) ICMP and UDP will experience the same loss 
probability if intermediate routers process them as the same priority. In order to 
extend ICMP message to sophisticated QoS monitoring tool, we developed test 
packet. It gives capabilities for an IP router or a host to measure quality of service 
metrics of user flows by dispatching test packets periodically. Test packets are 
generated periodically and circulate on a user flow. They are interspersed with 
user traffic at regular intervals to collect information such as network throughput, 
packet loss, delay, and delay variation from the routers along user flow. They have 
same packet length, type of service (TOS) value (DS codepoint field for IPv4 and 
Traffic Class field for IPv6), and followed the same route - They experience the 
same QoS as user packets. A test packet is generated with following information. 

— MPSN: Monitoring packet sequence number. 

— TOS value: Type of Service value of test packet. 

— Time Stamp: The time at which the test packet was inserted. 

As the packets are received at the destination endpoint, the test packets are 
replied. They can measure the following QoS metrics. 
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— RTT (Round Trip Time), the end-to-end delay of a flow: test packet is able 
to calculate the round-trip time (RTT) by storing the time at which it sends 
the echo request in the data portion of the message. 

— Loss, the end-to-end packet loss of a flow: The end-to-end packet loss ratio 
can be estimated as total number of replied test packets over total number 
of requested test packets. 

— Jitter, the variation of latency between packets: The end-to-end packet delay 
variation can be estimated as test packet delay variation. 

We implemented test packet that works with both IPv4 and IPv6 based on 
the publicly available ping program source. 



3 MIB Design and Implementation 

Service Monitoring MIB (SM MIB) is an SNMP-compliant MIB for the delega- 
tion of dynamic packets to a destination endpoint and for gathering end-to-end 
QoS management information. Fig. 1 shows the logical structure of the SM MIB. 
It consists of three tables: one control table (named smControlTable) which 
specifies the destination and the details of sampling function, and two data ta- 
bles (named smRequestTable and smReplyTable), which record the data. 

For each of the K rows of smControlTable, there is a set of rows of 
smRequestTable and smReplyTable. For information of activated test flow 
specified by the row in the smControlTable, the data tables contain one 
row for each QoS information delivered by one test packet. Thus, as long 
as the control table information is not changed, one row is added to the 
smReplyTable each time a test packet arrives to the agent. The data tables 
are indexed by smRequestlndex (or smReplylndex) and smRequestSeqNum (or 
smReplySeqNum). smControlMaxRows, one of the control table objects limits the 
size of the data table. The number of rows in the data table can be expressed as 
^2iLo smControlMaxRows(i) assuming that all test replies are received by agent. 
Where smControlMaxRows (i) is value of smControlMaxRows for row i of the 
smControlTable, and N is the number of rows in the smControlTable. 

After a new row is defined in the smControlTable, a new test flow 
starts. In other words, the network manager starts a test flow by writing an 
smControlEntry. Whenever a new test packet is captured by local network ele- 
ment, a new row is added to the data table. Once the number of rows for a data 
table becomes equal to smControlMaxRows, the set of rows for that test flow 
functions as a circular buffer. As each new row is added to the set, the oldest 
row associated with this test flow is deleted. The object is to prevent resource 
abuse; however, if a network manager sets smControlMaxRows too small, it may 
cause problems such that management information might be deleted before the 
manager obtains the information using Get/GetBulk request message. Each in- 
stances of the data table associated with smControlRowStatus will be deleted 
(associated test flow is deactivated) by the agent if this smControlRowStatus is 
destroy (6). 
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smControlEntry :: = 

INDEX {smControlIndex} 


smControlIndex <- 


INTEGER 


smControlDataSource 


INTEGER 


smControlSourceAddressType 


InetAddressType 


smControlSourceAddress 


InetAddress 


smControlDestAddressType 


InetAddressType 


smControlDestAddress 


InetAddress 


smControlAdminStatus 


INTEGER 


smControlOperStatus 


INTEGER 


smControlDS Field 


Unsigned32 


smControlTimeOut 


Unsigned32 


smControlProbelnterval 


Unsigned32 


smControlTotalProbe 


Unsigned32 


smControlMaxRows 


Unsigned32 


smControlDataSize 


Unsinged32 


smControlRowStatus 


RowStatus 



smRequestEntry :: = 

INDEX {smControlIndex, smRequestlndex} 


smRequestlndex <- 


INTEGER 


smRequestSeqNumber 


INTEGER 


smRequestTimeStamp 


Unsigned32 



smReplyEntry :: = 

INDEX {smControlIndex, smReplylndex} 



smReplylndex INTEGER 

smReplySeqNumber INTEGER 

smReplyTimeStamp Unsigned32 



Fig. 1 . Logical structure of the SM MIB. The entries represent the three tables of the 
MIB. Table index components used to identify entries are indicated by an arrow. 



A prototype of the SNMP agent including SM MIB was built using ucd- 
snmp-4.2.6 package. If the SM MIB is deployed in DiffServ platform, the TOS 
field is interpreted in conformance with the codepoint allocation defined in RFC 
2474. 

4 Experimental Results 

We have performed a number of measurement experiments on Internet. We var- 
ied the multimedia sources (e.g., Live TV sites, VoIP services, video conferencing, 
and VoD/AoD). We evaluate service quality in terms of RTT, jitter, and packet 
loss rate. 
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Fig. 2. RTT and RTT variation between site at Yonsei University in Seoul, Korea and 
IP Telephony site (www.dialpad.co.kr) in Korea. In-Service Monitoring during 15:47 
(PM) January 13, 2004 - 16:47 (PM) January 13, 2004. 



4.1 In-Service Monitoring 

We sent test packets with 36-byte payload (which is the same to the UDP pay- 
load size of user packets) at 2 s regular intervals to Internet telephony site, 
www.dialpad.co.kr during call holding time, 60 minutes. Fig. 2 and 3 show the 
value of data table instances of SM MIB as graphs. For RTT, jitter and packet 
loss, the measured data are sampled with rate of 30/min during call holding time 
60 min. We obtained 1800 samples for this flow. During the experimentation, 
from 16:10pm to 16:31pm, we offered high background load to monitor delay 
and packet loss. 

RTT and Jitter. The circled line of Fig. 2 shows the RTT versus each moni- 
toring time. The RTT values fluctuate from 12 ms to 7789 ms and the average 
RTT and standard deviation are 837.951 ms and 1501.671 ms, respectively. As 
shown in Fig. 2, RTT values increase when we offered high background load. 
Overloaded 20 minutes of poor performance lead to dissatisfaction. The solid 
line of Fig. 2 shows the jitter versus monitoring time. The jitter fluctuates from 
-1007 ms to 1073 ms and the average jitter is 0.907 ms. We observed that above 
400 ms or below -400 ms jitter VoIP speech becomes irritating, and sometimes, 
speakers become unable to communicate. 

Data Accuracy. For end-to-end delay variation, the measured data are sampled 
with the rate of A; (test packet generation rate) during call holding time 1 //%. 
We can get A ;//3j samples for user flow i. Suppose that X\, ■ ■ ■ , X n is a sample 
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Fig. 3. Number of test packet losses between site at Yonsei University in Seoul, Korea 
and IP Telephony site (www.dialpad.co.kr) in Korea. In-Service Monitoring during 
15:47 (PM) January 13, 2004-16:47 (PM) January 13, 2004. 



from a normal population having unknown real traffic mean end-to-end delay 
variation fj, and variance er 2 . It is clear that Xo=i Xi/n is the maximum likelihood 
estimator for \i . Since the sample mean X does not exactly equal to /z, we specify 
an interval for which we have a certain degree of confidence that fj, lies within. 
To obtain such an interval we make use of probability distribution of the point 
estimator. For example, 95% confidence interval for /z are: 

(Z-1.96 a/V'VA, * + 1.96 <7 / v / VA) (1) 

assuming that the delay variation samples have normal distribution and the 
number of measured samples Aj//3* > 30. The 95% confidence interval of the 
average jitter is (0.906993 ms, 0.907007 ms). 

Packet Loss. We have monitored 48 test packet losses from 1800 samples during 
60 min. By the results, we can get 2.67% packet loss ratio for this application. 
Small number of packet drops was monitored under low background load. In this 
site, we observed that the packet loss behavior is affected by delay and delay 
variation. We observed that the occurrence of long delays of 3 seconds or more 
at a frequency of 5% or more packet loss is irritating for VoIP speech. 



4.2 Long Time Scale Service Estimation 

Every hour, we sent 11 test packets with 1000-byte payload to Live TV site, 
www.kbs.co.kr at 2 s intervals. This is repeated for a week. This site is located 
at a distance of 9 hops from our workstation. In order to experience the same 
QoS as the user packets, test packet size is set to 1,000 bytes, which is the same 
to the UDP payload size of user packets. The RTT, jitter, and the number of 
test packet losses are recorded at SM MIB. 
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Wed Thu Fri Sat Sun Mon Tue 
Day of Week (January 7- 13, 2004) 

(b) Jitter 




Wed Thu Fri Sat Sun Mon Tue 

Day of Week (January 7 - 13, 2004) 

(c) Packet loss ratio 



Fig. 4. RTT, jitter, and packet loss ratio between site at Yonsei University in Seoul, 
Korea and Live TV site (www.kbs.co.kr) in Korea. Weekly plots during 22:16 (PM) 
January 7, 2004-21:24 (PM) January 13, 2004. 



Fig. 4 shows the round trip time (RTT) and jitter versus each monitoring 
time. As soon as the control table entry was created, the first smRequestTable 
row was created right away, and the first smReplyTable row was created at t 
= 135 ms. The average time gap between request table row creation and rele- 
vant reply table row creation was 717.594 ms for this flow. For RTT, jitter and 







48 



Y.-H. Choi, B. Kim, and J. Park 



packet loss, the measured data was sampled with rate of 10/h during a week. 
We obtained 1710 samples for this flow. 



RTT and Jitter. Fig. 4-(a) shows the RTT versus each monitoring time. The 
RTT values fluctuate from 11 ms to 10366 ms and the average RTT and standard 
deviation are 717.594 ms and 1887.739 ms, respectively. As shown in Fig. 4- 
(a), RTT values decrease during the weekend. Fig. 4-(b) shows the jitter versus 
each monitoring time. The jitter fluctuates from -10776 ms to 8255 ms and the 
average jitter and standard deviation are -0.00058 ms 618.944 ms, respectively. If 
we assume that the delay variation follows normal distribution, 95% confidence 
interval of the average jitter is (-0.00055 ms, 0.00061 ms). 



Packet Loss. Fig. 4-(c) shows the packet loss versus each monitoring time. 
We have monitored 54 test packet losses from 1710 samples for a week. By the 
results, we can get 3.158% packet loss ratio. 



Limitations. The collected data would be useful for postmortem analysis and 
future use of network provisioning. We collected samples at periodic intervals. 
Currently our SM MIB does not support other sampling methods such as Poisson 
and Geometric sampling. Periodic sampling is attractive because of its simplicity, 
but it may suffer from potential problem: If the metric being measured itself 
exhibits periodic behavior, then there is a possibility that the sampling will 
observe only part of the periodic behavior if the period happens to agree. 



Security Issues. Since we use active measurement approach, injecting too 
much test traffic into the network may cause to distort the results of the mea- 
surement, and in extreme cases it can be considered as denial-of-service attacks 
by routers. To prevent this attack, some sites limit the amount of ICMP-echo 
traffic: the effect is that ICMP messages can get blocked so packet loss can look 
bad even though the network is OK [10]. The test packet generation rate in this 
paper was small enough not to experience drop by rate limiting. Routers using 
firewall may discard unauthorized packets to prevent attack. ICMP-based test 
packet as well as other types of measurement traffic will be discarded in this 
case. 



Priority Issues. If routers can recognize test traffic and treat it separately, the 
results will not reflect actual user traffic. The test packet that we design has the 
same packet length and TOS value (DS codepoint field for IPv4 in DiffServ) as 
user traffic. Because both of them are directly encapsulated into IP datagram, 
ICMP-based test packet and UDP-basecl user traffic will experience the same 
loss probability if intermediate routers process them as the same priority. The 
security and priority issues are open problems in active measurement studies. 
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5 Concluding Remarks 

Our goal is to suggest a practical solution for end-to-end management, still main- 
taining typical manager-agent paradigm. In this paper, we proposed a new MIB 
approach, called SM MIB. It offers a convenient solution for end-to-end QoS 
management. It provides a network manager with end-to-end management in- 
formation by utilizing special test packets, which move through network elements 
dynamically. The MIB gives the network manager the ability to obtain end-to- 
end information, reduces the need to distribute MIB’s throughout the network, 
and cuts the amount of management-related traffic. The implementation and 
maintenance of the MIB are simple because the method does not requires any 
special management functions at every intermediate router in the network, but 
just requires us to implement SM MIB at edge routers/end hosts only. The real 
examples showed that the SM MIB can be used as real-time in-service monitor- 
ing tool as well as long time scale load analysis tool. The accuracy of obtained 
data depends on the number of samples. We specified an interval for which we 
have 95% degree of confidence that measured data lies within. 

Finally, we address the weakness of our work. SM MIB does not guarantee 
100% accuracy due to the unavoidable errors of periodic sampling method and 
the limitations of test packet capabilities. The inaccuracy of the proposed test 
packet capabilities can be overcome by improving functionality of the packet, 
such as in RFC 2679 and RFC 2680. We expect that the SM MIB will be useful 
for end-to-end service evaluation as well as QoS monitoring. 
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Abstract. Call admission control is a principal component for QoS de- 
livery in IP networks. It determines the extent to which network resources 
are utilized. It determines also whether QoS are actually delivered or 
not. Continuing on the steps of the existing approaches, we introduce a 
distributed and scalable admission control scheme to provide end-to-end 
statistical QoS guarantees in Differentiated Services( DiffServ {networks. 
This scheme is based on the passive monitoring of aggregate traffic at the 
core routers, and active probing of network state between the different 
edge routers. Thus, we have simulated a DiffServ network where differ- 
ent users are provided different service classes. In this network, the back 
ground (BG or BE) flows are characterized by Poisson process, however 
the Expedited Forwarding (EF) flows are generated by Exponential and 
Pareto ON-OFF sources. Afterward, we have evaluated the admission 
mechanism employed at the different network digresses by measuring 
the network utilization at the network bottlenecks, and the effect of this 
mechanism on the accepted number of EF flows and their delay budget. 



1 Introduction 

The fast growing of the Internet network has created the need for IP-based 
applications requiring guaranteed QoS characteristics. The integrated ser- 
vice(IntServ)and DiffServ have been proposed to address QoS. While IntServ 
operates on a per-flow basis and hence provides a strong service model that en- 
ables strong per-flow QoS guarantees, it suffers from scalability problem. How- 
ever, DiffServ keeps per flow state only at the ingress or egress of a domain and 
aggregates flows into a limited set of traffic classes within the network, resolving 
the scalability problem at the expense of looser QoS guarantees. 

Beside standardized functionality of the IP layer, considerable amount of 
work has been devoted to architectures and functions to deliver end-to-end 
(e2e) QoS. These functions can be classified into service management functions, 
and traffic engineering functions. Traffic engineering functions are principally 
concerned with the management of network resources for accommodating 
optimally offered traffic. Service management functions deal with the handling 
of the different service users connections, trying to maximize the number of 
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connections while respecting the signed contracts between the service providers 
(SP’s), and users. In order to guarantee the agreed QoS signed in the contracts, 
service management needs a call admission control(CAC) to avoid the network 
overloading [1], 

Recently, different CAC’s have been developed to provide deterministic and 
statistical QoS guarantees in DiffServ network [2,3,4], In [2] Zhang et al. in- 
troduce a bandwidth broker(BB)to manage the network status. It implies that 
admission control decisions are made at a central node for each administrative 
domain. Although the cost of handling service requests is significantly reduced, 
it is unlikely approach scales for large networks. Furthermore, it estimates the 
available network resources assuming the worst case, which can’t efficiently uti- 
lize the network resources. In order to cope with the scalability, most relevant 
studies adopt distributed admission control schemes, which are further catego- 
rized into model-based and measurement-based approaches. Both of these ap- 
proaches assess QoS degradation probability upon service request arrivals; model 
based approaclres[5] maintain state information for active and employ mathemat- 
ical models, whereas measurement based approaches rely on either passive [7] or 
active [8] aggregate measurements. 

In an attempt to provide statistical QoS guarantees, several end point ad- 
mission control(EPAC) algorithms such as [2,3] have been developed in which 
end hosts probe a network and record the performance metrics of the probing 
packets. Then, if the metrics is below a threshold, the hosts admit the connec- 
tion and start the data transmission phase; otherwise, the connection is rejected. 
An advantage of these schemes is that, no network control is required and all 
functions are performed by the end hosts. However, they are also suffering from 
long probing time, and they provide imprecise network measurements. 

In this paper, we analyze a distributed admission control, and evaluate it 
through the NS in the DiffServ network shown in Fig.l. The connections are 
accepted or rejected at the different network ingresses according to the feedbacks 
of the actual network status. However, the number and measurement times of 
the probing packets which are used through the simulations to infer the network 
status are less and shorter respectively than those used in the EPAC algorithms. 
This distinguishes in turn our admission control than those introduced before. 

The remainder of this paper is organized as follows: In section 2, and 2.1 we 
describe the simulation environment, different traffic classes, and its characteris- 
tics. In section 3, and 3.1 we analyze our proposed admission conrol. In section 5, 
we present the results of several experiments intended to demonstrate the ability 
of the proposed call admission control to guarantee the EF delay bound while 
maximizing the network utilization. Finally, section 6 will draw a conclusion to 
this paper, and we will provide some perspective points. 



2 Network Model 

In order to evaluate the proposed call admission control we have designed and 
simulated the DiffServ network shown in Fig. 1 using NS. Since, we aim at eval- 
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Fig. 1. Differentiated Service Topology. 



uating distributed CAC, we see that through simulation the network topology 
shown in Fig. 1 we can realize our objectives, because it includes many edges 
through which different users can inject traffic in the network, and at which they 
can be controlled. Furthermore, we can evaluate the CAC on multiple bottle- 
necks. Also, we have two traffic sources 2,3 inject traffic in opposite directions, 
however we will see in the simulation section how the CAC does exploit the 
available bandwidth when they send their traffic in the opposite and the same 
directions. All the routers output links have the same capacity “Co”, except the 
network bottlenecks which are circled on Fig. 1 have a capacity equivalent to 

Lf *C 0 J [6]. 

2.1 Network Traffic 

Network traffic is divided into three classes { Cef , Caf , Cbe}, where Cef,Caf, 
and Cbe are the traffic generated from EF, AF, and BE flows respectively. Nine 
users divided into three groups according to their Edge routers are allowed to in- 
ject these different traffic classes in the DiffServ network shown in Fig. 1. They 
are serviced at the different output links of the routers by the static priority 
scheduling service discipline (SPS) [14]. Therefore, each class has its own prior- 
ity queue, and reserved bandwidth. However, since we are concerned with the 
QoS offered by the EF service class, hence the e2e delay bound and number of the 
different EF flows that are injected by the different EF sources shown in Fig. 1 
are monitored, and calculated from their sourcesi ^.3 until their destinationsi. 2,3 
respectively, in order to evaluate the efficiency of the CAC installed at the edge 
routers. At these ingresses EF flows are controlled by a dual leaky bucket con- 
troller (DLBC) with parameters(p,7r,cr) where p is the average traffic rate,7r is 
the peak traffic rate, and a is the burst size. Therefore, the amount of EF traffic 
that arrives to a core router over a time interval (£ 1 , t 2 ) is denoted by A(ti,t 2 ) 
and determined through the following formula : 



A(t\, t 2 ) < min{p(t 2 — t±) + a, 7r(£ 2 — £ 1 } 



(1) 
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[9,10]. Nevertheless, the CAC is configured such that the e2e delay bound of EF 
flows is statistically guaranteed through the following relation : 

Prob(dj >- Def) ~< e (2) 

Where Def is the determined e2e delay bound to the EF traffic class in the 
CAC, dj is the EF flow’s e2e delay bound suffering from in the network, and e 
is the probability of EF flows’e2e delay bound violation . 

3 Statistical Multiplexing Based on Bandwidth 

Statistical multiplexing improves the network resources sharing and raises its 
links utilization. This mechanism is used to allocate the bandwidth for each 
connection in IntServ network and for the different traffic classes in DiffServ 
network. This allocation is based on the traffic characteristics; such as, peak rate 
“p”, and burst V”. For example, EF class in DiffServ network shown in Fig. 1 
is assigned at each node’s output link a portion of bandwidth Cef equivalent 

( n ef i 

to its peak rate Pef, provided that,< pef = Pi f — Cef- Furthermore, EF 

class is assigned a queue of length L at each network node, where, L is related to 
the required delay bound of EF class at each node through this simple formula 
: L = Cef * d req . This formula helps us to calculate the different queues’ length 
that support the SPS service discipline. 

However, when Cef is consumed by the different EF flows, then the queue 
that is assigned for EF in SPS service discipline is nearly filled up, which results 
in degradation of the EF service class. But, when the number of EF flows is 
reduced, then EF queue is nearly empty, and EF traffic suffers from short delay 
and low packets loss. IP networks suffer from the bandwidth clustering, whereby 
the bandwidth is available at some network nodes, while heavy congestions occur 
at others due to lack of bandwidth. Therefore, measuring the available bandwidth 
at the output interfaces of each network node in DiffServ network is important 
for the CAC’s that work on its edge routers to decide whether to accept more EF 
flows or not, such that the QoS offered through EF service class is guaranteed. 



3.1 Local Measurement and Available Bandwidth Estimation 

Through measuring the envelope of the multiplexed EF aggregate flows, the 
short time scale burstiness of the EF traffic can be captured, and then it can be 
employed for bandwidth reservation, thereby CAC builds its decision to accept 
new EF flows or not. Furthermore, the available bandwidth which is remained 
from the reserved bandwidth for EF aggregate Cef of the output links to a 
router is estimated in terms of the EF aggregate arriving average and its variance 
over the different time intervals [2]. Let A(f!,f 2 ) denotes arriving traffic from 
EF aggregate in the time interval (fijQ)- This time interval is divided into M 
windows, where each is divided into k time slices of length r. Then, for the past 




